Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Simatic_wincc_open_architecture
(Siemens)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 8 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-06-10 | CVE-2020-7580 | A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All... | Simatic_automatic_tool, Simatic_net_pc, Simatic_pcs_7, Simatic_pcs_neo, Simatic_prosave, Simatic_s7\-1500_software_controller, Simatic_step_7, Simatic_wincc, Simatic_wincc_open_architecture, Simatic_wincc_runtime_advanced, Simatic_wincc_runtime_professional, Sinamics_startdrive, Sinamics_starter_commissioning_tool, Sinec_network_management_system, Sinema_server, Sinumerik_one_virtual, Sinumerik_operate | 6.7 | ||
2019-08-13 | CVE-2019-10929 | A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0),... | Simatic_cp_1626_firmware, Simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware, Simatic_et_200sp_open_controller_cpu_1515sp_pc_firmware, Simatic_hmi_panel_firmware, Simatic_net_pc, Simatic_s7\-1200_cpu_1211c_firmware, Simatic_s7\-1200_cpu_1212c_firmware, Simatic_s7\-1200_cpu_1214c_firmware, Simatic_s7\-1200_cpu_1215c_firmware, Simatic_s7\-1200_cpu_1217c_firmware, Simatic_s7\-1500, Simatic_s7\-1500_cpu_1511c_firmware, Simatic_s7\-1500_cpu_1512c_firmware, Simatic_s7\-1500_cpu_1518_firmware, Simatic_s7\-Plcsim_advanced, Simatic_step_7, Simatic_tim_1531_irc_firmware, Simatic_wincc, Simatic_wincc_open_architecture, Simatic_wincc_runtime | 5.9 | ||
2019-02-05 | CVE-2018-3991 | An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet to trigger this vulnerability. | Simatic_wincc_open_architecture, Wibukey | 9.8 | ||
2018-09-12 | CVE-2018-13799 | A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prior (All versions < V3.14-P021). Improper access control to a data point of the affected product could allow an unauthenticated remote user to escalate its privileges in the context of SIMATIC WinCC OA V3.14. This vulnerability could be exploited by an attacker with network access to port 5678/TCP of the SIMATIC WinCC OA V3.14 server. Successful exploitation requires no user privileges and no user interaction. This... | Simatic_wincc_open_architecture | 9.1 | ||
2014-02-07 | CVE-2014-1699 | Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service (monitoring-service outage) via malformed HTTP requests to port 4999. | Simatic_wincc_open_architecture | N/A | ||
2014-02-07 | CVE-2014-1698 | Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999. | Simatic_wincc_open_architecture | N/A | ||
2014-02-07 | CVE-2014-1697 | The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999. | Simatic_wincc_open_architecture | N/A | ||
2014-02-07 | CVE-2014-1696 | Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash algorithm for passwords, which makes it easier for remote attackers to obtain access via a brute-force attack. | Simatic_wincc_open_architecture | N/A |